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IN THE CLAIMS : 

1 . (Currently Amended) A method for registering a first device with a second 
device, comprising the steps of: 

generating a first secret known to the first device and a second secret known to the 
second device using communications between the first device and the second device over a first 
communication channel , said first and second s e crets ostensibly b e ing th e sam e; 

from the first device, producing first information derived from the first secret; 

from the second device, producing second information derived from the second secret; 

using a communication channel other than the first communication channel, comparing 
the first information and the second information in a manner sufficient to assure a third party that 
the first secret and the second secret are the same; and 

enabling the first and second device to use the first and second secrets upon the third 
party being assured that the first secret and the second secret are the same. 

2. (Original) The method of claim 1 wherein the first device and the second device 
generate the first and second secrets using a Diffie-Hellman key exchange. 

3. (Original) The method of claim 1 wherein: 

the first information is derived from a hash of the first secret; and 
the second information is derived from a hash of the second secret. 

4. (Original) The method of claim 1 wherein the first information comprises a 
credential. 

5. (Currently Amended) A method for registering a first device with a second 
device, comprising the steps of: 
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(a) communicating a commitment from the first device to the second device over a first 
communication channel, said commitment comprising information derived from a security value 
known to the first device; 

(b) communicating from the second device to the first device over the first 
communication channel, information for use in generating a first secret; 

(c) after step (b), communicating the security value from the first device to the second 

device; 

(d) generating the first secret at the first device and a second secret at the second device ? 
said first and s e cond s e cr e ts ost e nsibly b e ing th e sam e; 

(e) from the first device, on a communication channel other than the first communication 
channel, validating first verification information related to the first secret; 

(f) from the second device, on a communication channel other than the first 
communication channel, validating second verification information related to the second secret; 
and 

(g) enabling the first and second devices to use the first and second secrets upon a third 
party being assured that the first secret and the second secret are the same. 

6. (Original) The method of claim 5 wherein the commitment is a hash of the 
security value. 

7. (Original) The method of claim 5 wherein the first verification information is a 
hash value derived from the first secret and the security value. 

8. (Original) The method of claim 7 wherein the first verification information is a 
hash value derived from a catenation of the first secret with the security value. 



9. 



(Currently Amended) The method of claim 5 wherein the length of the first 
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verification information is shorter than a length needed to provide a substantially an identical 
level of security in a substantially identical method that does not utilize said commitment. 

10. (Original) The method of claim 5 wherein the first verification information 
comprises a credential. 

1 1 . (Currently Amended) A device capable of registering with an other device, 
comprising: 

an interface to a first communication channel; 
an interface to a second communication channel; 

a registration process that (1) generates a first secret that is ostensibly to-be- shared with 
the other device using the first communication channel, (2) validates on the second 
communication channel verification information derived from the ostensibly to-be- shared secret, 
and (3) is enabled to use the ost e nsibly to-be- shared secret upon receipt of an indication that a 
third party is assured that the first secret is shared with the other device. 

12. (Original) The device of claim 1 1 wherein the device generates the first secret 
using a Diffie-Hellman key exchange. 

13. (Original) The device of claim 1 1 wherein the verification information is derived 
from a hash of the first secret. 

14. (Original) The device of claim 1 1 wherein the verification information comprises 
a credential. 



15. 

comprising: 



(Currently Amended) A device capable of registering with an other device, 
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an interface to a first communication channel; 
an interface to a second communication channel; 

a registration process that (1) receives, on the first communication channel, a 
commitment derived from a security value; (2) produces, on the first communication channel, 
information for use in generating a shared secret; (3) after step (2), communicates the security 
value on the first communication channel; (4) generates a first secret ost e nsibly to-be- shared 
with the other device, (5) communicates on the second communication channel verification 
information related to the first secret, and (6) is enabled to use the first secret upon receipt of an 
indication that a third party is assured that the first secret is shared with the other device. 

16. (Original) The device of claim 15 wherein the commitment is a hash of the 
security value. 

17. (Original) The device of claim 15 wherein the verification information is a hash 
value derived from the first secret and the security value. 

1 8. (Original) The device of claim 1 7 wherein the verification information is a hash 
value derived from the catenation of the first secret with the security value. 

19. (Currently Amended) The device of claim 15 wherein the length of the 
verification information is shorter than a length needed to provide a s ubstantially an identical 
level of security in a substantially id e ntical method that does not utilize said commitment. 

20. (Original) The method of claim 15 wherein the verification information is a 
credential. 

21 . (Currently Amended) A server capable of registering a device to a network, 
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comprising: 

an interface to a first communication channel; 

an interface to a second communication channel; and 

a registration process that (1) generates a first secret that is ost e nsibly to-be- shared with 
the device using the first communication channel; (2) validates on the second communication 
channel verification information derived from the first secret, and (3) enables the network to use 
the first secret upon receipt of an indication that a third party is assured that the ostensibly to-be- 
shared secret is shared with the device. 

22. (Original) The server of claim 21 wherein the server generates the first secret 
using a Diffie-Hellman key exchange. 

23. (Original) The server of claim 21 wherein the verification information is derived 
from a hash of the first secret. 

24. (Original) The server of claim 21 wherein the verification information comprises 
a credential. 

25. (Currently Amended) A server capable of registering a device to a network, 
comprising: 

an interface to a first communication channel; 

an interface to a second communication channel; and 

a registration process that (1) communicates over the first communication channel a 
commitment comprising information derived from a security value; (2) communicates over the 
first communication channel information for use in generating a shared secret; (3) after step (2), 
communicates the security value over the first communication channel; (4) generates a first 
secret ost e nsibly to-be- shared with the device; (5) communicates over the second communication 
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channel verification information related to the secret; and (6) enables the network to use the first 
secret upon receipt of an indication that a third party is assured that the first secret is shared with 
the device. 

26. (Original) The server of claim 25 wherein the commitment is hash of the security 

value. 

27. (Original) The server of claim 25 wherein the verification information is a hash 
value derived from the secret and the security value. 

28. (Original) The server of claim 27 wherein the verification information is a hash 
value derived from the catenation of the first secret with the security value. 

29. (Currently Amended) The server of claim 25 wherein the length of the 
verification information is shorter than a length needed to provide a substantially an identical 
level of security in a substantially id e ntical method that does not utilize said commitment. 

30. (Original) The method of claim 25, wherein the verification information 
comprises a credential. 
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